How to create a basic report

Question

Hello,I have to ask something that IMO should be very easy but i don't know how to do it.I just want to see 4 columns :Source IP , Destination IP, Port, Session countAnd group the lines by source and destination. It should look like this :source ip            dest ip            Port                   Session192.168.1.1       172.17.5.1      80,                     700                                              443,                   800                                              389                    200 192.168.1.1       172.17.5.3      80,                     700                                              443,                   800                                              389                    200 192.168.1.2       172.17.5.1      80,                     700                                              443,                   800                                              389                    200 192.168.1.2       172.17.5.5      80,                     700                                              443,                   800                                              389                    200 Did someone allready do something like that. I'm really bad in Postgre and nothing in fortiview or log view allow me to show things like that. Thank you in advance for all your help. Regards,

brazz_FTNT · Answer

Hello,

You may try using below dataset.

SELECT ipstr(`srcip`) || ' | ' || ipstr(`dstip`) as srcip_dstip, dstport, COUNT (*) AS sessioncount FROM $log WHERE $filter and dstport IN (80,389,443) GROUP BY srcip_dstip, dstport order by sessioncount desc

After you created this dataset you need to create a chart ; select chart type as table, and then select drill-down . You need to insert it to your report.

Generating reports--->P{92}

Regards

Sign up

Login with SSO

Login to the community

Login with SSO

Scanning file for viruses.

This file cannot be downloaded